﻿using System.Collections.Generic;
using System.Data;
using Alpha;
using Alpha.DataBase;
using BlockMe.Infrastructure;
using BlockMe.Model;
using MySql.Data.MySqlClient;

namespace BlockMe.Repository.MySQL
{
    public class UserRepository : IUserRepository
    {
        public string UserTableName { get; set; }
        
        DBProvider provider = ProviderFactory.GetProvider();

        public UserRepository()
        {
            UserTableName = "users";
        }
        public IEnumerable<BlogUser> GetAll()
        {
            List<BlogUser> list = new List<BlogUser>();
            var reader = provider.ExecuteDataReader("select user_name,user_email,user_displayname from " + UserTableName);
            while (reader.Read())
            {
                BlogUser user = new BlogUser { DisplayName = reader.GetString(2), UserName =reader.GetString(0), Email = reader.GetString(1) };
                list.Add(user);
            }
            reader.Close();
            reader.Dispose();
            return list;
        }

        public void Delete(BlogUser item)
        {
            provider.ExecuteNonQuery("delete from " + UserTableName + " where user_name=@username", new MySqlParameter { ParameterName="@username", Value = item.UserName });
        }

        public BlogUser Add(BlogUser item)
        {
            var ps = new MySqlParameter[] { 
                new MySqlParameter{ DbType = DbType.String,Value = item.UserName, ParameterName="@user_name"},
                new MySqlParameter{ DbType = DbType.String,Value = item.Email, ParameterName="@user_email"},
                new MySqlParameter{ DbType = DbType.String,Value = item.Passwd.Sha256Hash(), ParameterName="@user_password"},
                new MySqlParameter{ DbType = DbType.String,Value = item.DisplayName, ParameterName="@user_displayname"}
            };
            item.UserId = provider.ExecuteAndReturnID("insert into " + UserTableName + " (user_name,user_email,user_password,user_displayname) values(@user_name,@user_email,@user_password,@user_displayname)",ps);
            return item;
        }

        public BlogUser Update(BlogUser item)
        {
            var ps = new MySqlParameter[] { 
                new MySqlParameter{ DbType = DbType.String,Value = item.Email, ParameterName="@user_email"},
                new MySqlParameter{ DbType = DbType.String,Value = item.DisplayName, ParameterName="@user_displayname"},
                new MySqlParameter{ DbType = DbType.String,Value = item.UserName, ParameterName="@user_name"}
            };
            provider.ExecuteNonQuery("update " + UserTableName + " set user_email=@user_email, user_displayname=@user_displayname where user_name=@user_name", ps);
            return item;
        }

        public bool ValidateUser(string userName, string password)
        {
            var reader = provider.ExecuteDataReader("select user_password from " + UserTableName + " where user_name=@username"
                , new MySqlParameter[]{
                    new MySqlParameter{ ParameterName = "@username", Value = userName}
                });
            if (reader.Read())
            {
                if (reader.GetString(0) == password)
                {
                    reader.Close();
                    reader.Dispose();
                    return true;
                }
                else
                {
                    reader.Close();
                    reader.Dispose();
                    return false;
                }
            }
            reader.Dispose(); 
            return false;
            
        }

        public bool ValidateToken(int userid, uint token)
        {
            var reader = provider.ExecuteDataReader("select token from " + UserTableName + " where userid=@userid"
                , new MySqlParameter[]{
                    new MySqlParameter{ ParameterName = "@userid", Value = userid}
                }) as MySqlDataReader;
            if (reader.Read())
            {
                if (reader.GetUInt32(0) == token)
                {
                    reader.Close();
                    reader.Dispose();
                    return true;
                }
                else
                {
                    reader.Close();
                    reader.Dispose();
                    return false;
                }
            }
            reader.Dispose();
            return false;
        }
    }
}
